I am trying to use the perl module Net::SSH::Expect within Apache through the
web but success is intermittent.
Running the below program from the command line, it works every time.
Through Mozilla and IE at BEST, I get a response every time I send a WRONG
password ("Password:"), but every other time I send a RIGHT password I get
nothing back (""). When it does work, it gives me a switch prompt as it should
and exits as it should ("MyName>").
Since it flip-flops (works and then does not seem to work) through the web, I
am not exactly who to report the bug to as it does work sometimes. My guess is
that the open channel is not being handled correctly by the Apache Per Module
Interface, but I am not sure. Apache said it is not their problem and the
Expect Module author suggested I send it to the mod_perl people.
With "-v4a" on, I get this every time, but I never see the prompt:
<h2>Trying:WRONG</h2>
<h2>Original:
debug1: Authentications that can continue: keyboard-interactive,password
Password: </h2>
<h2>Trying:RIGHT</h2>
<h2>Original:
debug1: Authentication succeeded (keyboard-interactive).
Authenticated to 2.2.2.2 ([2.2.2.2]:22).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LANG = C
</h2>
Web Client: Windows 7 Enterprise - Service Pack 1
Client Browser: Mozilla 7.0.1
Client Browser: IE 9.0.8112.16421 Update 9.0.3 (KB2586448)
Web Host: Linux MYHOST 2.6.38.6-26.rc1.fc15.x86_64 #1 SMP Mon May 9 20:45:15
UTC 2011 x86_64 x86_64 x86_64 GNU/Linux
Apache: 2.2.21 (Unix)
Perl: 5, version 12, subversion 4 (v5.12.4) built for x86_64-linux-thread-multi
Perl Module: perl-Net-SSH-Expect-1.09-5.fc15.noarch
Apache Module: mod_perl-2.0.4-14.fc15.x86_64
Nothing shows up in the error_log or ssl_error_log.
The mp2bug command yields this:
Base class package "Apache::TestReportPerl" is empty.
(Perhaps you need to 'use' the module which defines that package first,
or make that module available in @INC (@INC contains:
/usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl
/usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .).
at /usr/lib64/perl5/vendor_perl/ModPerl/TestReport.pm line 21
BEGIN failed--compilation aborted at
/usr/lib64/perl5/vendor_perl/ModPerl/TestReport.pm line 21.
Compilation failed in require at /usr/bin/mp2bug line 38.
The longer command yielded this:
perl -MApache2 -MApache::TestReportPerl -le 'Apache::TestReportPerl->new->run'
> /home/copeland/mreport
Can't locate Apache2.pm in @INC (@INC contains: /usr/local/lib64/perl5
/usr/local/share/perl5 /usb64/perl5/vendor_perl /usr/share/perl5/vendor_perl
/usr/lib64/perl5 /usr/share/perl5 .).
BEGIN failed--compilation aborted.
---------------------------------------CUT---------------------------------------
#!/usr/bin/perl
#
use strict;
use vars qw($SCRIPT $VERSION %OPTS);
############################################
print "Content-Type: text/html; charset=ISO-8859-1\n\n";
############################################
use Net::SSH::Expect;
###############################################################
# Load the Web Libraries
###############################################################
use CGI qw/:standard/; # load standard CGI routines
my $q = CGI->new;
my $deviceADDRESS;
my $deviceUSERNAME = "username";
# Be sure to set the right password 66 lines down below in this program so it
tells us we are sending the right password for debugging.
my $devicePASSWORD = "Password1:Password2:Password3";
my $deviceENABLE = "EnablePassword";
###############################################
# Maintenance Variables
###############################################
my $loopSTRATEGY;
my $exitSTRATEGY;
my $ssh;
my $login_output;
my $tryPASSWORD;
my $stuffOPTIONS = "";
my $LoopCOUNTER = 1;
################################################
# Device to Test
################################################
#SSH2
$deviceADDRESS = "2.2.2.2";
#SSH1
#$deviceADDRESS = "1.1.1.1";
#DEAD
#$deviceADDRESS = "0.0.0.0";
################################################
# Loop through passwords to login, if none work, try ssh v1
################################################
$exitSTRATEGY = 0;
while ( ! $exitSTRATEGY ) {
my @passwordLIST = split(/:/,$devicePASSWORD);
$loopSTRATEGY = 0;
while ( ! $loopSTRATEGY ) {
###############################################
# Trickey password shifter at top due to ssh version 1
# weirdness that forces while to restart.
###############################################
if ($login_output !~ /\>/) {
if ( ! @passwordLIST ) {
$loopSTRATEGY = 1;
}
else {
$tryPASSWORD = shift @passwordLIST;
eval {
# closes the ssh connection
$ssh->close();
};
}
}
else {
$ssh->exec("stty raw -echo");
$loopSTRATEGY = 1;
$exitSTRATEGY = 1;
}
################################################
# Test to show when login should work.
################################################
if ( $tryPASSWORD =~ /^Password3/ ) {
print "<h2>Trying:RIGHT</h2>\n";
}
else {
print "<h2>Trying:WRONG</h2>\n";
}
###############################################
###############################################
# Setup Session
###############################################
if ( ! $loopSTRATEGY ) {
#
# Making an ssh connection with user-password authentication
# 1) construct the object
$ssh = Net::SSH::Expect->new (
host => $deviceADDRESS,
user => $deviceUSERNAME,
password => $tryPASSWORD,
raw_pty => 1,
timeout => 3,
ssh_option => $stuffOPTIONS
# restart_timeout_upon_receive => 1,
);
###############################################
# Connect
###############################################
eval {
$login_output = $ssh->login();
# $login_output = $ssh->peek(0);
# $login_output = $ssh->read_all(2);
};
###############################################
print "<h2>Original:".$login_output."</h2>\n";
###############################################
}
else {
if ( ! $exitSTRATEGY ) {
if ( $LoopCOUNTER == 1 ) {
$stuffOPTIONS = "-1";
print "<h2>Reverting to SSH: 1</h2>\n";
}
elsif ( $LoopCOUNTER == 2 ) {
print "<h2>While trying to login: </h2>\n";
if ( $login_output =~ /^$/ ) {
print "<h3>Unable to login to device:
".$deviceADDRESS."</h3>\n";
}
else {
print "<h3>Unable to login to device:
".$deviceADDRESS."</h3>\n";
}
exit;
}
$LoopCOUNTER++;
} #if ! exit
} #else of if ! loop
} #while ! loop
} #while ! exit
# closes the ssh connection
$ssh->close();
exit;
1;
---------------------------------------CUT---------------------------------------
Blair
